Tuesday, April 11, 2006

Microsoft to admins: Rootkit means rebuild

My pal Oliver Rist, senior contributing editor for InfoWorld magazine and Dictator of the MSN Technology Filter blog, has been ranting about Microsoft ever since I started reading him 6 months ago, and he's doing it yet again. Understandably so, because Microsoft, in all their great wisdom and experience, never really took the time to effectively secure the core of their operating systems, the Windows kernel, against malicious code. I can't blame him because, as always, my position on most IT subjects pretty much reflects his opinion. What is there to do if a rootkit gets into your system? The solution is simple: wipe the OS and start over.

"That’s why I’m still seeing pink. I understand that kernel infections are difficult to remove, but why is it apparently so easy to get to the Windows kernel? And also apparently so easy to defeat the XP rollback feature that should have been protecting us from just such a problem? It’s not rocket science to add something like a checksum routine that should be able to detect if anything in the kernel gets modified, so why is the responsibility for the safety of these files falling on us?"

Read more.


